Page 1 of 1

trying to upload and delete pictures

Posted: Wed Dec 15, 2004 6:02 pm
by ansa1
I need some help!!!
I’m trying to upload and delete pictures from the database. They are stored and deleted by product ID. Uploads work fine but when I try to delete one of the uploads it doesn’t work properly. After deleting ( uploading as well) the page refreshes itself and shows the results by product ID. If I delete one picture after refreshing I am loosing the product ID. Consequentially, the page doesn’t show the rest of the pictures that belong the that specific product until I hit the back button on the browser.
For the upload I solved this problem by placing in a header location : page.php?id=.$_GET[‘id’]. And the page receives the product ID after it refreshes.
I also tried to do the same sort of step with the problem that I have when I try to delete a product (seems logical to me) but It doesn’t work. I believe that my knowledge in php is not sufficient enough to try and resolve this problem, so I am asking for your help in assisting me in this matter.

This are the error message that I am getting:
Notice: Undefined index: id ( here is for line: 35 delete part )

Here are the codes:

Code: Select all

<?php

if (in_array (strtolower ($file_type), $image_types,$id)) {
$sql = "INSERT INTO image "
. "(image_type, image, image_size, image_name, image_date, id) ";
$sql.= "VALUES (";
$sql.= "'{$file_type}', '{$userfile}', '{$file_size}', "
. "'{$file_name}', NOW(),'{$id}')";
@mysql_query ($sql, $conn);
//Header("Location:".$_SERVER["PHP_SELF"]);
header("location:admin_updatepictures.php?id=".$_GET['id']);
exit();
}
}
}
if(isset($_GET['iid']))
if ($_GET) {
$iid = $_GET['iid'];
$act = $_GET['act'];
switch ($act) {
case 'view':
$sql = "select * from image where image_id=$iid order by id "; //order by id";
$result = mysql_query($sql,$conn);
if (mysql_num_rows ($result)>0){
$row = @mysql_fetch_array($result);
$image_type = $row["image_type"];
$image = $row["image"];
Header("Content-type: $image_type");
print $image;
}
break;
case 'rem':
if(isset($_GET['id']))

$id=$_GET['id'];
$sql = "DELETE FROM image WHERE image_id=$iid order by id";
@mysql_query ($sql, $conn);
//Header("Location:".$_SERVER["PHP_SELF"])
header("location:admin_updatepictures.php?id=".$_GET['id']);
break;
default:
print "<img src="image.php?iid=$iid">";
break;
}
}

?>
and

Code: Select all

<?php
if(isset($_GET['id'])){
$id=$_GET['id'];
$sql = "SELECT * FROM image WHERE image.id = '$id' ORDER BY image_id ASC";
$result = mysql_query ($sql, $conn);
$i=0;
$str='';
if (mysql_num_rows($result)>0) {
while ($row = mysql_fetch_array($result, MYSQL_ASSOC)) {
$i++;
$str .= $i.". ";
$str .= "<a href="admin_updatepictures.php?act=view&iid=".$row["image_id"]."">"
. $row["image_name"]."</a> ";
$str .= "[".$row["image_id"]."] ";
$str .= "[".$row["image_size"]."] ";
$str .= "[".$row["id"]."] ";
$str .= "[<a href="admin_updatepictures.php?act=rem&iid=".$row["image_id"]
. "">Remove</a>]<br>";
}
print $str;
}
}


?>
Thanks in advance

Posted: Wed Dec 15, 2004 6:53 pm
by ol4pr0

Code: Select all

$id=$_GET['id'];
$sql = "DELETE FROM image WHERE image_id=$iid order by id";  #$iid or $id ?
# how about 
$sql = "DELETE FROM image WHERE image_id='".$_GET['id']."' order by id";

Posted: Wed Dec 15, 2004 7:04 pm
by andre_c
make sure you escape and validate $_GET['id'] before putting it into an SQL query

Posted: Wed Dec 15, 2004 8:03 pm
by ansa1
Thanks for your response
$id=$_GET['id'];$sql = "DELETE FROM image WHERE image_id=$iid order by id"; #$iid or $id ?
Table image has fields: iid (int) (primary key) this is for the pictures identification.
And id as well - this mach product id.
So ex: id could be id = 2 with four pictures in the table iid 1, 2, 3, 4
you can delete picture = iid= 4 order by id 2.

Posted: Wed Dec 15, 2004 8:49 pm
by ol4pr0
andre_c wrote:make sure you escape and validate $_GET['id'] before putting it into an SQL query
Important

and for the id or iid i asume that $_GET['iid'] still counts on that part of the script.?

so make it $_GET['iid']

Code: Select all

#Dont use empty ( IE doesnt really care about empty it does about isset() 
if (isset($_GET['iid'])) {
$sql = "DELETE FROM image WHERE image_id=$_GET['iid'] order by id";
@mysql_query ($sql, $conn);
}
else
{
echo "Sorry made but ".$_GET['iid']." is no set ";
exit();
}

Posted: Wed Dec 15, 2004 9:20 pm
by ansa1
Thanks guys for your help

Hi ol4pr0

I am getting--- phrase error--- with your script in sql line .
Howeer if I replace id=".$_GET['id']); with an id – let say 5

header("location:admin_updatepictures.php?id=5);
I am getting expected results for product ID = 5. (only )
That means I should be close.

Posted: Wed Dec 15, 2004 11:18 pm
by ol4pr0
typo :(

other thing: i'm still laughing about it.. for not noticing myself.
u're doing delete, so whats up with the order by ? delete order by :)

Code: Select all

if (isset($_GET['iid']) && isset($GET['id']))  {
$sql = "DELETE FROM image WHERE image_id=".$_GET['iid']."";
mysql_query ($sql, $conn) or die (mysql_error());
header("location:admin_updatepictures.php?id=".$_GET['id']);
break;
}
else
{
echo "Iid = ".$_GET['iid']." <br> Id = ".$_GET['id']."";
exit();
}

Posted: Wed Dec 15, 2004 11:59 pm
by ansa1
Thanks for your time ! ol4pr0
I am pretty lost wit this feature.
I am getting --iid – but – id-- is NOT ( your codes show). That’s why ( probably ), I am not getting positive results. I’ll tray to do something more with this tomorrow. Here is pretty late now .
Thanks again.